Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/c0ea88-7592-4e84-9a9a-4335670f6b7e/1/oNjQGnpoQaNznfwrGruDM-sjT7Y.roa
File:                     oNjQGnpoQaNznfwrGruDM-sjT7Y.roa (raw, json)
Hash identifier:          /XWdgfbW0b0YiTXXE4mWRZBE3dNWuF5ot3fVD29GrRI=
Subject key identifier:   A0:D8:D0:1A:7A:68:41:A3:73:9D:FC:2B:1A:BB:83:33:EB:23:4F:B6
Certificate issuer:       /CN=9ad6bf12ad5a29327bc6f7b66026f054686cd959
Certificate serial:       0181DE136B556AA88EC29ED2AB21DB599B94
Authority key identifier: 9A:D6:BF:12:AD:5A:29:32:7B:C6:F7:B6:60:26:F0:54:68:6C:D9:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mta_Eq1aKTJ7xve2YCbwVGhs2Vk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/c0ea88-7592-4e84-9a9a-4335670f6b7e/1/oNjQGnpoQaNznfwrGruDM-sjT7Y.roa
Signing time:             Fri 08 Jul 2022 13:50:23 +0000
ROA not before:           Fri 08 Jul 2022 13:50:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60533
IP address blocks:        2a00:a8a0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:de:13:6b:55:6a:a8:8e:c2:9e:d2:ab:21:db:59:9b:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ad6bf12ad5a29327bc6f7b66026f054686cd959
        Validity
            Not Before: Jul  8 13:50:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a0d8d01a7a6841a3739dfc2b1abb8333eb234fb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:f2:6d:65:27:f1:29:7e:4f:05:9a:95:5c:42:
                    5d:1f:55:44:66:ac:ae:f3:86:63:d1:4b:0a:9a:13:
                    23:70:b4:fb:d7:05:da:80:b4:90:6b:a7:fd:5b:71:
                    ea:6f:f8:75:84:a4:dd:67:70:fc:83:ac:0d:56:a2:
                    a5:88:69:c4:ce:a1:f0:0a:e6:78:57:37:83:42:e4:
                    0f:45:2e:73:c4:6c:e5:38:88:85:19:3b:51:d4:48:
                    9b:2e:01:1a:bc:70:35:5a:ec:a5:27:96:19:17:da:
                    db:5c:76:0b:4f:8c:c3:6d:4c:c2:76:07:8a:a0:c3:
                    c9:01:05:52:f4:75:d4:5c:ff:40:04:5c:8d:f7:f8:
                    eb:c3:17:6d:d8:1c:70:58:cc:00:3c:eb:4b:51:ef:
                    c4:11:7c:2d:05:1a:2b:93:c3:d5:45:c7:18:7a:ac:
                    ac:5c:58:7a:a3:ce:df:d4:c6:f2:2e:16:a1:b8:9f:
                    44:97:56:20:6a:e5:68:fe:5d:f8:03:7f:06:77:ed:
                    79:8f:38:c1:74:63:ea:cf:d7:d1:5b:f0:07:dc:8b:
                    88:dc:65:aa:da:a1:88:be:b3:f8:eb:e1:e9:58:79:
                    6b:56:db:03:ee:e2:9a:8d:41:75:3f:c2:b8:77:2c:
                    e2:eb:a7:b9:29:f4:73:a4:8f:bf:21:e0:06:52:0b:
                    c8:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:D8:D0:1A:7A:68:41:A3:73:9D:FC:2B:1A:BB:83:33:EB:23:4F:B6
            X509v3 Authority Key Identifier:
                keyid:9A:D6:BF:12:AD:5A:29:32:7B:C6:F7:B6:60:26:F0:54:68:6C:D9:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mta_Eq1aKTJ7xve2YCbwVGhs2Vk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/c0ea88-7592-4e84-9a9a-4335670f6b7e/1/oNjQGnpoQaNznfwrGruDM-sjT7Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/c0ea88-7592-4e84-9a9a-4335670f6b7e/1/mta_Eq1aKTJ7xve2YCbwVGhs2Vk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:a8a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         9c:ca:54:92:02:9b:36:da:ca:39:f3:08:75:ca:c3:84:c0:c5:
         c2:c2:a5:7f:1f:7e:94:da:98:e9:3b:01:70:1e:10:3d:5d:33:
         34:8e:eb:43:eb:b2:a3:32:f7:1b:a3:f2:3d:fe:0e:f4:92:7b:
         ea:7d:8e:2d:85:39:fc:d4:e7:be:65:41:ba:2d:02:1d:f2:f4:
         59:c4:ba:90:0b:61:70:b3:38:90:8e:95:52:56:4c:56:a5:be:
         16:5d:ac:ed:b5:a5:29:fc:e2:d0:ba:e2:02:e2:ea:57:5b:c2:
         87:b5:56:d8:66:64:73:c2:59:62:f9:17:30:6f:c9:eb:15:5c:
         1c:92:e3:66:d5:20:28:1b:f8:c9:84:18:27:9b:da:77:6d:09:
         f1:1a:ab:12:0b:d4:53:ce:f1:88:36:d9:78:1c:46:e8:bc:e5:
         f1:e3:de:ae:d1:61:ae:9e:43:2c:e2:5d:c9:ac:9c:ec:13:2d:
         81:20:c2:f9:b4:55:a1:bf:59:5f:0f:2d:ac:16:a8:c9:96:88:
         bd:f4:0e:89:38:3c:e4:7b:a7:a2:79:b6:06:e7:3e:0a:06:57:
         e7:6e:29:6b:e6:bb:9e:3f:e4:ac:0d:e7:c1:c2:87:cf:63:3b:
         d2:0d:95:ad:83:f0:08:bf:a8:0e:01:6d:8e:c2:f8:58:f6:01:
         c9:ac:42:07
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYHeE2tVaqiOwp7SqyHbWZuUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZDZiZjEyYWQ1YTI5MzI3YmM2ZjdiNjYwMjZmMDU0Njg2
Y2Q5NTkwHhcNMjIwNzA4MTM1MDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGQ4ZDAxYTdhNjg0MWEzNzM5ZGZjMmIxYWJiODMzM2ViMjM0ZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/JtZSfxKX5PBZqVXEJdH1VEZqyu
84Zj0UsKmhMjcLT71wXagLSQa6f9W3Hqb/h1hKTdZ3D8g6wNVqKliGnEzqHwCuZ4
VzeDQuQPRS5zxGzlOIiFGTtR1EibLgEavHA1WuylJ5YZF9rbXHYLT4zDbUzCdgeK
oMPJAQVS9HXUXP9ABFyN9/jrwxdt2BxwWMwAPOtLUe/EEXwtBRork8PVRccYeqys
XFh6o87f1MbyLhahuJ9El1YgauVo/l34A38Gd+15jzjBdGPqz9fRW/AH3IuI3GWq
2qGIvrP46+HpWHlrVtsD7uKajUF1P8K4dyzi66e5KfRzpI+/IeAGUgvImwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKDY0Bp6aEGjc538Kxq7gzPrI0+2MB8GA1UdIwQY
MBaAFJrWvxKtWikye8b3tmAm8FRobNlZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXRhX0VxMWFLVEo3eHZlMllDYndWR2hzMlZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9jMGVhODgtNzU5Mi00ZTg0LTlhOWEt
NDMzNTY3MGY2YjdlLzEvb05qUUducG9RYU56bmZ3ckdydURNLXNqVDdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9jMGVhODgtNzU5Mi00ZTg0LTlhOWEtNDMzNTY3MGY2Yjdl
LzEvbXRhX0VxMWFLVEo3eHZlMllDYndWR2hzMlZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgCooDAN
BgkqhkiG9w0BAQsFAAOCAQEAnMpUkgKbNtrKOfMIdcrDhMDFwsKlfx9+lNqY6TsB
cB4QPV0zNI7rQ+uyozL3G6PyPf4O9JJ76n2OLYU5/NTnvmVBui0CHfL0WcS6kAth
cLM4kI6VUlZMVqW+Fl2s7bWlKfzi0LriAuLqV1vCh7VW2GZkc8JZYvkXMG/J6xVc
HJLjZtUgKBv4yYQYJ5vad20J8RqrEgvUU87xiDbZeBxG6Lzl8ePertFhrp5DLOJd
yayc7BMtgSDC+bRVob9ZXw8trBaoyZaIvfQOiTg85Hunonm2Buc+CgZX524pa+a7
nj/krA3nwcKHz2M70g2VrYPwCL+oDgFtjsL4WPYByaxCBw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:52 2024 by rpki-client on console-ams.rpki-client.org